A malware agent is a malicious executable object that may be installed on an end-user's machine to misappropriate the machine's resources for use in a so-called “botnet” or for other malicious purposes. In one example, a botnet is a distributed network of “zombie” machines that each have a malware agent installed and that therefore respond to commands from a malware command-and-control (C&C) server. The C&C server may, in its turn, be programmed to perform any number of malicious functions. For example, the botnet may be configured to perform a denial of service (DoS) attack against a particular server. In another example, a botnet may be used to send out bulk email (“spam”). In yet another example, the botnet may be configured to perform distributed computing tasks for a malicious actor, such as mining of so-called “cryptocurrencies,” attempting to break an encryption key by brute force, or otherwise performing malicious distributed actions.
When a computer has been misappropriated as a zombie on a botnet, various undesirable consequences may follow for the machine and for its users. For example, the botnet agent may misappropriate the users' own data on the zombie computer, misappropriate computing and network resources that are then unavailable for the users, or otherwise cost the user privacy, time, and money. The botnet agent may also attempt to self-propagate across other machines operating on the same network, which may cause enterprise security concerns. These negative effects of a botnet agent are provided by way of example only, and it should be recognized that other negative effects are possible when a network has been so compromised.
Other species of malware agents may also report to a C&C server, and may cause other types of harm.